
var mongo=require('../models/db')
//加密
var crypto=require('crypto')
var User=require('../models/User')
function checkLogin(req,res,next) {
    if(!req.session.user){
        req.flash('error','未登录');
       return res.redirect('/login');
    }
    next()
}
function checkNotLogin(req,res,next) {
    if(req.session.user){
        req.flash('error', '已登录!');
       return res.redirect('back');//返回之前的页面
    }
    next()
}
module.exports=function (app) {
    //首页的路由
    app.get('/',function (req, res) {
        res.render('index',{
            title:'首页',
            user:req.session.user,
            success:req.flash('success').toString(),
            error:req.flash('error').toString()
        });
    })
//注册页面的路由
    app.get('/reg',checkNotLogin);
    app.get('/reg',function (req, res) {
        res.render('reg',{
            title:'注册页面',
            user:req.session.user,
            success:req.flash('success').toString(),
            error:req.flash('error').toString()
        })
    })
    app.post("/reg",function (req, res) {
        //1.接受请求数据
        var name = req.body.username;
        var password = req.body.password;
        var password_re = req.body['password_re'];

        //2.判断一下两次密码是否一样
        if(password !== password_re){
            req.flash('error','两次密码不一样');
            return res.redirect('/reg')
        }
        //3.密码进行加密
        var md5 = crypto.createHash('md5');
        var password = md5.update(req.body.password).digest('hex');

        // 4 整理到一个对象上
        var newUser=new User({
            name:name,
            password:password,
            email:req.body.email
        })
        User.get(newUser.name,function (err,user) {
            if(err){
                req.flash('error',err)
                return  res.redirect('/reg')
            }
            if(user){
                req.flash('error','用户名被占用')
               return res.redirect('/reg')
            }
            newUser.save(function (err,user) {
                if(err){
                    req.flash('error',err)
                    res.redirect('/reg')
                }
                req.session.user=user
                req.flash('success','注册成功')
                return  res.redirect('/');
            })

        })
    })
//路由规则写这里
    //登录
    app.get('/login',checkNotLogin);
    app.get('/login',function (req, res) {
        res.render('login',{
            title:'登录页面',
            user:req.session.user,
            success:req.flash('success').toString(),
            error:req.flash('error').toString()
        })
    })
    app.post("/login",function (req, res) {
        //1.对用户提交的密码进行加密处理
        var md5 = crypto.createHash('md5');
        var password = md5.update(req.body.password).digest('hex');
        //2.检查用户名是否存在
        User.get(req.body.username,function (err, user) {
            if (err){
                req.flash('error',err);
                return res.redirect('/login');
            }
            if(!user){
                req.flash('error','用户名不存在');
                return res.redirect('/login');
            }
            //3.检查密码是否一致
            if(user.password != password){
                req.flash('error','密码错误');
                return res.redirect('/login');
            }
            //4.最后登录成功后，把登录信息放入SESSION，提示成功后跳转
            req.session.user = user;
            req.flash('success','登录成功');
            return res.redirect('/')
        })
    })
    //退出
    app.get('/logout',checkLogin);
    app.get('/logout',function (req, res) {
        req.session.user = null;
        req.flash('success', '登出成功!');
        res.redirect('/');//登出成功后跳转到主页
    })
}